diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2017-07-27 05:35:55 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-07-27 05:35:55 +0200 |
| commit | 7a4c46dc5ebef6de0c387c38cf80d8cf34c57c33 (patch) | |
| tree | 33a54e399e73ef5ae1bd6184d2c9feb0501a3872 /new_bug.cgi | |
| parent | ea1d22b3f6151d7316ef73c4b4f08a4c8b591c72 (diff) | |
| download | bugzilla-7a4c46dc5ebef6de0c387c38cf80d8cf34c57c33.tar.gz bugzilla-7a4c46dc5ebef6de0c387c38cf80d8cf34c57c33.tar.xz | |
Bug 1384100 - Lock out access to /new-bug in production
Diffstat (limited to 'new_bug.cgi')
| -rw-r--r-- | new_bug.cgi | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/new_bug.cgi b/new_bug.cgi index 2e903cfce..7f35f9ebc 100644 --- a/new_bug.cgi +++ b/new_bug.cgi @@ -46,6 +46,11 @@ my $cgi = Bugzilla->cgi; my $template = Bugzilla->template; my $vars = {}; +unless ($user->in_group('new-bug-testers')) { + print $cgi->redirect(correct_urlbase()); + exit; +} + if (lc($cgi->request_method) eq 'post') { my $token = $cgi->param('token'); check_hash_token($token, ['new_bug']); |